Security Risk and Compliance Specialist

Please note that this is a remote position.

Do you want to experience the essence of a large organization in a company with a personal touch? Come and work with us! We are looking for creative, innovative, and collaborative people like you to join our team.

Take your ambitions to the next level

Reporting to the chief information security officer (CISO) and as a key member of the Corporate IT team, you will be responsible for ensuring that all of Alithya’s activities adhere to its established security policies, standards, processes and guidelines.

You will be assisting the CISO with setting up and maintaining the compliance process to ensure contractual, legal and regulatory compliance. As such, you will be heavily relied upon to contribute to the enterprise IT security team.

• Coordinate all IT security evidence collection;

• Assess and classify evidence;

• Help select company compliance tools;

• Plan and coordinate Alithya’s operational activities to guarantee compliance with applicable regulations;

• Perform regular internal assessments, audits and reviews;

• Gather evidence data and format it as required;

• Identify compliance problems by collecting, analyzing, and summarizing information;

• Work with internal team members to answer regular and ad hoc audit queries related to compliance;

• Establish and enforce organizational standards;

• Ensure that all policies, standards, processes and procedures are well documented and implemented;

• Develop risk management strategies to avoid possible non-compliance;

• File compliance reports;

• Research and communicate compliance requirements to Alithya;

• Maintain professional and technical knowledge of new and changing regulations;

• Contribute to:

  • the implementation, adherence and review of the IT security policies and standards;

  • a collaborative and stimulating work environment.

• Prepare management reports related to security compliance.

When it just clicks!

Does this sound like you?

• At least 12 years of experience as a security risk and compliance analyst;

• Over 8 years of working experience in an IT security-related field;

• Industry knowledge;

• Knowledge of, ISO 27001 controls framework, SOC-2, PIPEDA, GDPR, SOX and ITIL;

• Experience with compliance analysis;

• Excellent diagnostic skills (ability to diagnose an issue or situation quickly and efficiently);

• Basic computer skills and ability to input and manipulate data (e.g., Excel);

• Great organizational skills (coordination, sorting, checklists, etc.);

• Strong analytical, critical-thinking and problem-solving skills;

• Detail oriented, self-starter and team player;

• Ability to work autonomously and proactively.

Assets:

• Bachelor’s degree in computer science, information technology, accounting, finance, or a related discipline;

• Experience with CISA, CISM, ISO 27001 auditors or lead implementers;

• Experience in project and/or risk management.

Our authenticity is our strength

The diversity of our backgrounds, experiences, thoughts and insights is our competitive advantage. We foster a collaborative environment rooted in our core values of respect, well-being, passion, trust, integrity and creativity. For us, diversity, equity and inclusion aren’t just buzzwords; they’re essential drivers of innovation and excellence, and powerful catalysts for inspiration and evolutionary ideas. The empowerment of our people is fundamental to being the trusted advisor to our clients. Join us in embracing our authenticity and in leveraging our unique perspectives to collectively build the future we all envision.

An inclusive path to success

Fostering an environment where you can thrive starts with ensuring an accessible recruitment process. If you require any accommodations, we welcome you to contact us at [email protected].